If you have a MySpace or Facebook account, you may be a prime target of cyberattackers. They usually do this by sending Trojans through apps or widgets that your friends sent you. According to researchers at Finjan, cyberattackers are now going to these social networking sites such to get more victims.

“Attacks will become more sophisticated by combining several services in order to heighten infection ratios and decrease the detection rate, while providing more robust and scalable attack frameworks,” Yuval Ben-Itzhak, chief technology officer, Finjan, said in a news release. “The focus will be on trojan technology as it enables maximum flexibility in terms of command and control. This adds another potentially malicious element to the ‘legitimate’ web traffic that needs to be examined by security solutions.”

In short, before installing the app or widget that your friend sent you, confirm if it came from them. If it didn’t, kindly delete it immediately. If it did come from them, research on the app or widget from previous users.

Source

This stiffer action when handling data includes high costs for as good as encryption systems are, they also cost a lot of money. Most have the cash to spend as in Europe and most of the Developed world but what of the millions in the developing world, should they suffer just because they could not afford the high-tech solutions available to countries and economies that have the cash to spend? That may be the case but remember that the internet connects us all in one big network and any holes in one side, is a hole in the whole net.

The IT industry hailed the coming of the social network as the next step in the evolution of the internet, and it truly is. But as much as we spend more time on our computers in the office and even when we get home, we expose ourselves to more and more threats, more than we could handle. In Europe, the trend in crime has moved into the mainstream internet with many crime organizations shifting from risky manual labor to safer online communications and operations. The various security leaks that resulted in millions of personal records being either lost or stolen have mounted to immeasurable levels the British government had to enforce stiffer data management protocol.

It would also speed up booking and flight scheduling for if use din conjunction with their automated booking and ticketing system it would indeed lessen the length of lines at airports. The most significant problem with RFID is that it is an active system that can be accessed, re-programmed and cloned into a number of identical copies, defeating the security purpose it was said to defeat. RFID tags unlike passive tags are easier to re-program for a user with the right tool can detect the needed information from a passport, encode it onto a new one and then be off on his way without anybody knowing about it. Tools and methods are widely available to programmers and hackers so the high-tech passport is truly just another waste of taxpayer money.

Europe has started to issue RFID passports that have unique codes that identify it as a fingerprint. The only problem is that the technology also opens a whole new avenue for hackers for a well-equipped person can remotely detect a passport with the right equipment from a distance without that person even knowing the data exchange. The move by the UK to move into high-tech passports was to lessen eh time it took to verify the true identity of the holders and of the passport itself. Fake passports would have none of the pre-set information encoded from the issuing office so they can easily be detected and security does the rest.

There has been much talk about the problem associated with the so-called Pandora’s box that is Microsoft’s UAC or User Account Control. This is one of the most unforgettable features of Vista where it first appeared as the ever present annoying pop-up window that asked for permission on almost each and every mouse click (exaggerated). The danger is that the said control feature seems to fail to revert to default security settings after a user has signed into the system as the systems administrator. After this event, use of all applications thereafter have been found to have default settings of the admin without reverting to previously set security settings that can be a wide open door for hackers to exploit. (Read the rest of this story.)

In a first, the FTC has taken a move to bolster their powers on the internet with them ordering the closure of a so-called determined malware ISP that they say has been determined and documented to host several illegal activities such as malware, viruses, pornographic sites and many others. The ISP of course denies all accusations and say they will be fighting the FTC on the matter, claiming they are innocent of all charges. The ISP, PriceWert LLC, has denied all the FTC’s accusations yet the FTC says it has a well documented and solid case. (Read the rest of this story.)

Four employees of a private Israeli Investigation Agency were found guilty to have employed Spyware to steal information from companies. The investigation firm, Modi’in Ezrahi has three of its employees were convicted and given jail terms from 9 months to one and a half year due to industrial espionage the authorities have been monitoring since 2005. This is a common practice of investigation agencies who regularly conduct espionage on rival firms of customers, selling the information they gather to the highest bidder. Corporate espionage is increasing as much as Cybercrime and is forcing many governments to take notice. This incident highlights the need for better protection from cyber criminals in the form of intrusion prevention systems and antivirus software. The authors of the Trojan horse program were sentenced to two and four years of jail time plus hefty fines.

They also report that the amount of malware has increased significantly with them growing ever complex making it harder for industry to cope unless there is mass infections. The initial detection of a threat mobilizes emergency centers that these software company’s have who work against the clock to provide updates to their many registered subscribers which they send updates to once they have the cure. They also send out updates to virus signature databases which allows the anti-virus, Intrusion detection and Prevention Systems to counter attacks by letting them recognize them hopefully in time to prevent mass infection.

Symantec Inc., one of the industry’s leaders in virus and internet protection software has released their analyses of malware activities that wanted to steal personal information for the year 2007. It shows that from Jan to Jun last year, there were almost 7,000 incidents of attacks on the internet and systems their software are protecting while almost double for the next half year. This trend is quite alarming for cyber attacks have grown considerably that more and more people are falling victim to such attacks. The company conducts their own hacker communications analyses and other intelligence by analyzing information they set in honey-pots (purposely set traps to track hacker activities) and the results their software sends in to them for analyses.